Crunchbase was targeted alongside SoundCloud and Betterment in a ShinyHunters campaign.

The post Crunchbase Confirms Data Breach After Hacking Claims appeared first on SecurityWeek.

Understanding how threat hunting differs from reactive security provides a deeper understanding of the role, while hinting at how it will evolve in the future.

The post Cyber Insights 2026: Threat Hunting in an Age of Automation and AI appeared first on SecurityWeek.

Priced $2,000 - $6,000 on a cybercrime forum, the MaaS toolkit promises publication on the Chrome Web Store.

The post ‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing appeared first on SecurityWeek.

TikTok has finalized a deal to create a new American entity, avoiding the looming threat of a ban in the United States.

The post TikTok Finalizes a Deal to Form a New American Entity appeared first on SecurityWeek.

10 years after disrupting the Ukrainian power grid, the APT targeted Poland with data-wiping malware.

The post Russian Sandworm Hackers Blamed for Cyberattack on Polish Power Grid appeared first on SecurityWeek.

The critical-severity vulnerability can be exploited via crafted network packets for remote code execution.

The post 2024 VMware Flaw Now in Attackers’ Crosshairs appeared first on SecurityWeek.

The WorldLeaks cybercrime group claims to have stolen information from the footwear and apparel giant’s systems.

The post Nike Probing Potential Security Incident as Hackers Threaten to Leak Data appeared first on SecurityWeek.

Similar to recent FortiCloud single sign-on (SSO) login vulnerabilities, the attacks bypass authentication.

The post Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices appeared first on SecurityWeek.

Other noteworthy stories that might have slipped under the radar: Cloudflare WAF bypass, Canonical Snap Store abused for malware delivery, Curl terminating bug bounty program

The post In Other News: €1.2B GDPR Fines, Net-NTLMv1 Rainbow Tables, Rockwell Security Notice appeared first on SecurityWeek.

Threat actors are leveraging the file-sharing service for payload delivery in AitM phishing and BEC attacks.

The post Phishers Abuse SharePoint in New Campaign Targeting Energy Sector appeared first on SecurityWeek.

Cyber regulations are where politics meets business – where business becomes subject to political realities.

The post Cyber Insights 2026: Regulations and the Tangled Mess of Compliance Requirements appeared first on SecurityWeek.

Under Armour is investigating a recent data breach that purloined customers’ email addresses and other personal information.

The post Under Armour Looking Into Data Breach Affecting Customers’ Email Addresses appeared first on SecurityWeek.

CISA has added the Zimbra flaw to the KEV catalog along with three other bugs exploited in the wild.

The post Organizations Warned of Exploited Zimbra Collaboration Vulnerability appeared first on SecurityWeek.

Pwn2Own participants disclosed a total of 76 vulnerabilities during the three-day event. 

The post Infotainment, EV Charger Exploits Earn Hackers $1M at Pwn2Own Automotive 2026 appeared first on SecurityWeek.

The exploitation of the authentication bypass vulnerability started two days after patches were released.

The post Fresh SmarterMail Flaw Exploited for Admin Access appeared first on SecurityWeek.

Dozens of Venezuelan nationals have been charged by the US for their role in ATM jackpotting attacks. 

The post 2 Venezuelans Convicted in US for Using Malware to Hack ATMs appeared first on SecurityWeek.

To all those who are fighting the good fight in the world of cyber, keep collaborating to ensure our world never succumbs to the chaos of the Upside Down.

The post The Upside Down is Real: What Stranger Things Teaches Us About Modern Cybersecurity appeared first on SecurityWeek.

A team of researchers from the Graz University of Technology in Austria has revived page Linux page cache attacks.

The post Old Attack, New Speed: Researchers Optimize Page Cache Exploits appeared first on SecurityWeek.

See how modern AI-driven detection can block sophisticated attacks that traditional tools miss

The post Webinar Today: Rethinking Email Security for Mid-Sized Organizations appeared first on SecurityWeek.

The startup’s AI-native platform unifies exposure analysis, threat intelligence, investigation, and response.

The post AiStrike Raises $7 Million in Seed Funding appeared first on SecurityWeek.